Introduction
ID360 REST API allows the integration and management of Id360 resources from third-party applications and services.
This will enable users or developers to build custom applications with ID360 architecture as a foundation enabling secure, programmatic interaction for executing actions.
ID360 API provides Restful APIs and hence is independent of programming languages. You can develop applications in any programming language, and the response data is also language-independent and will be in JSON Format.
All Identity360 APIs require one mandatory field in the header:
- Authorization: The access token generated through the OAuth 2.0 protocol.
https://id360.manageengine.com/api/v1
Prerequisites
To use Identity360's API, you must meet the following prerequisites:
- Have an active Identity360 account.
- Have a valid access token. You can obtain an access token by following the OAuth 2.0 authentication process.
- Familiarity with RESTful APIs and JSON format.
- Basic knowledge of HTTP methods (GET, POST, PUT, DELETE).
HTTP methods
Identity360 APIs allow data manipulation and retrieval using various HTTP methods.
| Method | Purpose |
|---|---|
| GET | Retrieve resources. |
| POST | Create resources and perform resource actions. |
| PUT | Update resources. |
| PATCH | Partially update resources. |
| DELETE | Delete resources. |
HTTP status codes
Identity360 uses HTTP status codes to indicate success or failure of API calls. Status codes in the 2xx range indicate success, 4xx range indicates client-side errors and codes in the 5xx range indicate server-side errors. The following table lists some commonly used HTTP status codes.
| Status code | Status message | Description |
|---|---|---|
| 200 | OK | The requested data is successfully retrieved. |
| 201 | Created | The data is successfully created or added. |
| 204 | No Content | No data is returned for the request. |
| 400 | Bad Request | The request is considered invalid, such as when an incorrect path or parameter is found in the request body. |
| 401 | Unauthorized | Authentication fails due to an invalid authentication token. |
| 403 | Forbidden (unauthorized access) | The user doesn't have the required permissions to perform the operation. |
| 404 | Not Found | The resource cannot be found. |
| 405 | Method not allowed (method called is not supported for the API invoked) | An unsupported HTTP method is used to access an endpoint. |
| 413 | Payload Too Large | The server rejects the request during file upload because the file size exceeds the allowed limit. |
| 415 | Unsupported Media Type | The server rejects the file upload request because the media or file type is not supported. |
| 422 | Unprocessable Content | The request cannot be processed due to field restrictions, such as a name being too long or the content containing a duplicate ID. |
| 429 | Too Many Requests | This is used when the number of API requests exceeded the allowed limit for the given time period. |
| 500 | Internal Server Error | An unknown server error has occurred. |
API Call Limit
API calls are limited to provide better quality of service and availability to all the users.
- Read APIs (GET requests) : The limit is 100 requests/minute, which applies to all GET API Endpoints.
- Action APIs (non-GET requests) : The limit is 50 requests/minute, which applies to all non-GET API Endpoints.
Some API may have custom limits, which will be mentioned in the respective API description.